How can I log iptables in Ubuntu just in /var/log/firewall with rsyslogd
10,814
Use a discard action after the iptables log, but before the other logs.
kern.warning /var/log/firewall.log
kern.warning ~
*.* /var/log/messages
Related videos on Youtube
34 : 06
Configure RSYSLOG to LOG IPTABLES Rules with --LOG-PREFIX to multiple log files in Ubuntu 20.04
02 : 15
How to log only iptables messages into my /var/log/iptables.log?
14 : 00
Introduction to IPTABLES and UFW on Ubuntu
01 : 30
How can I log iptables in Ubuntu just in /var/log/firewall with rsyslogd?
40 : 32
19 Configuring Linux Firewall (with iptables) | iptables rules and configuration
Comments
-
IRousso over 1 year
I am using ubuntu 10.10. with iptables! I want to log my firewall drops in the file /var/log/firewall and NOT in any other logfile.
So I added the following line to my file: /etc/rsyslog.d/50-default.conf:
#iptables Log kern.warning /var/log/firewall.logThis way my drops and logs from iptables are logging into the right file!
Now i dont know what to add to not log the drops in the other files.. At this time it write every drop in /var/log/messages /var/log/kern.log and /var/log/syslog
Heeeelp :)
I found this one : Add a local application to syslog excluded from /var/log/messages but it doesnt work.. Maybe because its Rsyslogd in Ubuntu 10.10?
Thanks!
-
Stefan Lasiewski over 13 yearsWhat does
~mean? (the rsyslog manual is a little vague).
